CVE-2025-36460: CWE-805 - Buffer Access with Incorrect Length Value in Broadcom BCM5820X
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an API call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with an improper `ReceiveBufferSize` value.
AI Analysis
Technical Summary
CVE-2025-36460 is classified under CWE-805 (Buffer Access with Incorrect Length Value) and affects the Broadcom BCM5820X storage adapter that ships as part of the ControlVault WBDI driver in Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. The WBDI storage adapter is a host-side, user-mode plug-in that the Windows Biometric Service (WbioSrvc, which runs as LocalSystem) loads to talk to the ControlVault hardware, so the flaw lives in that software component rather than in the BCM5820X silicon itself. When a WinBioControlUnit call targets the storage adapter with ControlCode 2 (WBIO_USH_GET_IDENTITY), the adapter does not correctly reconcile the caller-supplied ReceiveBufferSize with the size of the data it actually reads and of the buffer it actually writes to, producing multiple out-of-bounds reads and writes inside the service process. The CVSS v3.1 base score is 7.3 (High): the vector is local (AV:L), requires low privileges (PR:L) and user interaction (UI:R), and rates the confidentiality, integrity and availability impacts as high. Because the corrupted memory belongs to a LocalSystem service, the realistic outcomes are disclosure of adjacent service memory, a crash of the biometric service (denial of service) or, with a controlled write, escalation from a standard user to SYSTEM. No exploitation in the wild has been reported. The version boundaries in the description identify 5.15.14.19 and 6.2.36.47 as the fixed releases; the record itself carries no further patch or advisory reference.
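The following C program is added to this page as an illustration of the CWE-805 pattern the description names; it is not the Dell or Broadcom adapter code, and how the real adapter mishandles ReceiveBufferSize is not public from this record. It models an adapter-side ControlUnit handler for ControlCode 2 in two vulnerable forms (the caller's size used as the copy length, and a fixed-size copy that ignores the caller's size) and one hardened form, plus a service-side harness that places the receive buffer inside a guarded arena so the over-read and the overflow can both be observed while the program itself stays within its own objects. Everything in it is assumed: the identity record layout, the error codes, the adjacent wrapped_key, and the parameter list, which is modelled on the WBDI ControlUnit shape with the Windows types replaced by portable ones.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Portable stand-ins for the Windows/WBDI types; chosen for this illustration only. */
typedef int32_t hresult_t;
#define S_OK_T               0
#define E_POINTER_T         (-1)
#define E_NOT_SUFFICIENT_T  (-2)   /* buffer too small; the required size is still reported */
#define E_INVALID_CTRL_T    (-3)
#define WBIO_USH_GET_IDENTITY 2u   /* ControlCode 2 from the advisory */

/* Constructed identity record returned for ControlCode 2 (layout is assumed). */
typedef struct {
    uint32_t magic;
    uint32_t fw_version;
    uint8_t  serial[24];
} ush_identity_t;                  /* 32 bytes */

/* Simulated adapter heap: the record sits directly in front of data that must never leave it. */
struct adapter_heap {
    ush_identity_t identity;
    uint8_t        wrapped_key[32];
};
static const struct adapter_heap g_heap = {
    .identity    = { 0x55534831u, 0x050f0e13u, "CV3-SERIAL-00001" },
    .wrapped_key = { 0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf,0xb0,
                     0xb1,0xb2,0xb3,0xb4,0xb5,0xb6,0xb7,0xb8,0xb9,0xba,0xbb,0xbc,0xbd,0xbe,0xbf,0xc0 },
};

typedef hresult_t (*control_unit_fn)(uint32_t code, uint8_t *rbuf, size_t rsize, size_t *rdata);

/* VULNERABLE, read side (CWE-805): the caller's ReceiveBufferSize becomes the copy length,
 * so a size larger than the record pulls the adjacent wrapped_key into the reply.
 * Sizes up to sizeof g_heap (64) keep the over-read inside the simulated heap object. */
hresult_t vuln_control_unit_read(uint32_t code, uint8_t *rbuf, size_t rsize, size_t *rdata)
{
    if (code != WBIO_USH_GET_IDENTITY) return E_INVALID_CTRL_T;
    memcpy(rbuf, (const uint8_t *)&g_heap, rsize);   /* identity is at offset 0; reads past it */
    *rdata = rsize;
    return S_OK_T;
}

/* VULNERABLE, write side (CWE-805): the full record is written without checking that the
 * caller's buffer can hold it, so a ReceiveBufferSize below 32 overflows that buffer. */
hresult_t vuln_control_unit_write(uint32_t code, uint8_t *rbuf, size_t rsize, size_t *rdata)
{
    (void)rsize;                                      /* ignored: that is the bug */
    if (code != WBIO_USH_GET_IDENTITY) return E_INVALID_CTRL_T;
    memcpy(rbuf, &g_heap.identity, sizeof g_heap.identity);
    *rdata = sizeof g_heap.identity;
    return S_OK_T;
}

/* HARDENED: validate pointers, compare the caller's size with the record, copy exactly the
 * record, and always report the required size so an honest caller can retry. */
hresult_t safe_control_unit(uint32_t code, uint8_t *rbuf, size_t rsize, size_t *rdata)
{
    if (rdata == NULL) return E_POINTER_T;
    *rdata = 0;
    if (code != WBIO_USH_GET_IDENTITY) return E_INVALID_CTRL_T;
    *rdata = sizeof g_heap.identity;
    if (rbuf == NULL) return E_POINTER_T;
    if (rsize < sizeof g_heap.identity) return E_NOT_SUFFICIENT_T;
    memcpy(rbuf, &g_heap.identity, sizeof g_heap.identity);
    return S_OK_T;
}

/* Service-side simulation: a ReceiveBuffer of `claimed` bytes at the front of a guarded arena
 * (as the biometric service would allocate it), dispatched to one handler. */
#define ARENA_SIZE 128
#define GUARD_BYTE 0xCC
struct outcome {
    hresult_t hr;
    size_t    data_size;
    int       guard_clobbered;   /* the handler wrote past the claimed buffer */
    int       key_leaked;        /* wrapped_key bytes came back in the reply */
};
struct outcome run_get_identity(control_unit_fn handler, size_t claimed)
{
    uint8_t arena[ARENA_SIZE];
    struct outcome o = {0};
    if (claimed > sizeof arena) claimed = sizeof arena;   /* keep the simulation in bounds */
    memset(arena, GUARD_BYTE, sizeof arena);
    o.hr = handler(WBIO_USH_GET_IDENTITY, arena, claimed, &o.data_size);
    for (size_t i = claimed; i < sizeof arena; i++)
        if (arena[i] != GUARD_BYTE) { o.guard_clobbered = 1; break; }
    if (o.data_size > sizeof g_heap.identity) {          /* wrapped_key follows identity */
        size_t n = o.data_size - sizeof g_heap.identity;
        if (n > sizeof g_heap.wrapped_key) n = sizeof g_heap.wrapped_key;
        o.key_leaked = memcmp(arena + sizeof g_heap.identity, g_heap.wrapped_key, n) == 0;
    }
    return o;
}

int main(void)
{
    struct outcome a = run_get_identity(vuln_control_unit_read, 64);
    struct outcome b = run_get_identity(vuln_control_unit_write, 8);
    struct outcome c = run_get_identity(safe_control_unit, 8);
    printf("vulnerable read,  size 64: hr=%d key_leaked=%d\n", a.hr, a.key_leaked);
    printf("vulnerable write, size 8 : hr=%d guard_clobbered=%d\n", b.hr, b.guard_clobbered);
    printf("hardened,         size 8 : hr=%d required=%zu\n", c.hr, c.data_size);
    return 0;
}
```

Build with `gcc -Wall -Wextra -std=c11` and run. The two vulnerable handlers show the two halves of CWE-805: trusting the caller's length as the amount to read, and trusting a fixed length as the amount to write. The hardened handler treats ReceiveBufferSize as a capacity only, copies exactly the record size, and reports that size even on failure, which is the contract a service-hosted adapter needs when any standard-user process can pick the value.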
Potential Impact
The risk is concentrated in fleets of Dell systems whose ControlVault3 or ControlVault3 Plus module is driven by an affected release. Because the vulnerable storage adapter runs inside the Windows Biometric Service, memory corruption there can expose data the service or adapter holds in memory (including biometric or cryptographic material in flight), crash the service and with it fingerprint and ControlVault-backed authentication, or, in the worst case, hand a standard-user process the service's LocalSystem privileges. That undermines the very property ControlVault exists to provide: a trusted boundary around authentication credentials and cryptographic operations. Exploitation requires code already running as a low-privileged local user plus user interaction, so the exposure is to insiders and to malware that has landed on the endpoint rather than to remote attackers; in enterprise, government and critical-infrastructure fleets that rely on ControlVault to protect credentials, that is still a meaningful privilege-escalation path.
Mitigation Recommendations
Inventory Dell systems with ControlVault3 or ControlVault3 Plus modules and record the installed ControlVault driver and firmware package version; anything below 5.15.14.19 (ControlVault3) or 6.2.36.47 (ControlVault3 Plus) is in scope, and updating to those releases or later through Dell's update channels is the fix. Where the update cannot be deployed yet, note that WinBioControlUnit is reachable from any standard user session, so restricting which accounts can call it is not a practical control; the effective compensating measure is to stop the vulnerable adapter from being loaded at all, by disabling the Windows Biometric Service or the ControlVault device on machines that can do without fingerprint and other ControlVault-backed authentication until they are updated. Keep application allow-listing and endpoint protection in place so that unauthorized code does not get to run as the user in the first place. Windows does not log individual WinBio API calls, so watching for ControlCode 2 with an abnormal ReceiveBufferSize would require custom ETW or driver-level instrumentation; what standard telemetry does show is the side effect of a failed attempt, an unexpected termination of the Windows Biometric Service (Service Control Manager events 7031 and 7034 in the System log, or an Application Error event 1000 for its host process), and EDR products that record image loads can flag unexpected processes loading winbio.dll. Track Dell's advisories for these releases, and include the biometric and ControlVault stack in regular assessments of endpoints that hold sensitive credentials.
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, Japan, South Korea, India, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: talos
- Date Reserved: 2025-04-15T21:17:08.088Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 691ba72ebb922d226277cd87
Added to database: 11/17/2025, 10:52:30 PM
Last enriched: 2/27/2026, 5:06:07 AM
Last updated: 3/24/2026, 7:01:30 AM